Scott Isaacs Presentationajaxexperience (Final)
Published in Technology, Business
  • User’s view versus reality… Start with your site and then expand… explaining the user’s view versus what is really happening
  • Platforms - cloud data is valuable – same attack vectors against the PC now exist in the cloud. Currently hacking around for sharing data.
  • Quality of service demo, code throttling, etc. Use TICKING CLOCK!
  • Request untrusted content; Transform untrusted content; Interception; Profiling; QoS Protection; Wrap a sandbox around content; Associate with Policy; Bind to document node (optional); Execute…
  • JSON-ize HTML/CSS; Inject interception, profiling, QoS hooks, and Lifecycle (factory) support; Performs an A->B Transformation; Performs syntactic validation; No security at this point
  • DO A DEMO OF A POLICY EXPLAINING DOCUMENT.BODY. Do prototype overriding and namespace explanation. addEventListener…
  • Some scenarios are so extreme, becoming a platform themselves. Local capabilities are being exposed, cloud capabilities are increasing in value. Be aware of these challenges in your applications…


  • 1. Beyond IFrames: Web Sandboxes
    Scott Isaacs
    Software Architect
  • 2. How Web Sites are Built Today
    Google Friend Connect
    The Web normally has a Same Origin Policy – but in practice, “your script works in my origin”
    All JavaScript code in the page, regardless of origin, has the same trust level and permissions
    If one bit of code fails or is compromised, the entire page/app/site can be compromised
    Quick Demo…
    Google News
    Error from Amazon
  • 3. Circles of (Dis)Trust
    Shared Frameworks
    You Tube
    Your Code
    Social Networks
    Display Ads
  • 4. User’s Expectations ≠ Reality
    Mismatch between browser security and expectations
    O/S boundaries protected
    Cross-domain content protected
    Composite pages have a single policy
    Aggregation (mash-ups) not protected
    You need a composite policy for a composite page
    Let’s secure the cookie…
  • 5. The growing risk…
    Differentiation between Cloud and Local Services is blurring…
    User Data being aggregated…
    Personal Data (both local and cloud-based)
    Storage, Photos, E-Mail, Social Network/ Contacts, IM
    Phones, GPS, Camera, etc.
    …and exposed to…
    Site Services
    Rich Advertising, Analytics, Maps, Affiliate Programs
    Site Extensibility
    Gadgets, Libraries, etc.
  • 6. What about IFrames?
    Still exploitable…
    Run-away code…
    And not rich enough…
    Designed for content embedding
    Established fixed “policies”
    Won’t work for display integration (e.g., fly outs)
    Fails for tight integration w/ API’s, CSS
    Isolation model, not a Security Architecture
  • 7. Web Sandbox
    Isolate and secure the boundaries via composite host-defined policies
    Builds on existing knowledge
    Embrace existing programming patterns
    Provides browser equalization
    Open Source Project (Apache License)
  • 8. QoS - Going beyond security
    Profiles executing code
    Error tracking and recovery
    Code Throttling
    LifeCycle management
    QoS Demo…
  • 9. Your Web Page
    Creating Secure Containers
    [Diagram labels, each repeated three times: Policy and Rules; Web Sandbox Virtual Machine; Untrusted Script]
  • 10. Web Sandbox: The Big Picture
    Trusted Host (e.g., Your Site)
    Requests Content (untrusted)
    Sandbox Virtual Machine (JavaScript Library)
    Sandboxed Execution
    Sandboxed Execution
    (Server or Client-based)
    Untrusted Content
    Virtualize Code
  • 11. Transformation Process
    Request Resource
    Parse Resource
    Output JavaScript for execution within the Sandbox VM
    Let’s take a look….
  • 12. Sandbox Virtual Machine
    Validates execution against policies
    Supports instancing and lifecycle
    Monitors QoS via profiling & throttling
    Protects external communication
  • 13. Policies
    Contextually-aware API “tables”
    Allow/Deny/Augment rules
    Cascading model
    Default “Gadget” Policy
    Supports JavaScript/ W3C DOM
    Provides Namespace isolation
  • 14. Trusted/ Untrusted boundaries
    Custom Policies to Surface Host APIs
    Mutually distrusted components sharing single “Trusted” Map
  • 15. Simple Integration…
    <script src="sandbox2.js"></script>
    <div id="box"></div>
    <script src="transform.ashx?type=script&guid=GadgetGUID&ua=IE8&url="></script>
    <script>
    var instance = new $Sandbox(document.getElementById("box"), $Policy.Gadget, 'GadgetGUID');
    instance.initialize();
    </script>
  • 16. Closing Thoughts…
    Web Application ecosystem is evolving
    Applications getting richer via aggregation
    More valuable services and personal data are exposed
    The web security model must evolve
    Web-sandbox adds protection across the boundaries
    Sites can properly model and enforce the trust relationship
    Sites can protect themselves and their users
    Possible without redefining the web…
    Go play with it (
  • 17. Questions?
    Learn more at:
    Also don’t miss the panel Secure Mashups: Getting to Safe Web Plug-ins, Wednesday, 10:55am
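
The policy model on slides 12 and 13 (allow/deny/augment rules, a cascading default policy, namespace isolation, every access validated against the policy), sketched as an added example that is not code from the Web Sandbox project. A JavaScript Proxy stands in for the Sandbox VM; the policy table, `cascade`, `virtualize`, `runGuest` and the stub document are all assumed names.

```javascript
// Added illustration, not the Web Sandbox library's code; every name is hypothetical.
// A rule is "allow", "deny", or an augment function that replaces what the guest sees.
const defaultGadgetPolicy = {
  title: "allow",
  cookie: "deny",
  // Augment: namespace element ids so a guest only resolves its own nodes.
  getElementById: (doc, guid) => (id) => doc.getElementById(`${guid}_${id}`),
};
// Cascading model: later tables override earlier ones; unlisted names stay denied.
function cascade(...tables) {
  return Object.assign(Object.create(null), ...tables);
}
// Wrap a host object so every property access is checked against the policy.
function virtualize(host, policy, guid, log) {
  const ruleFor = (p) => (typeof p === "string" && p in policy ? policy[p] : "deny");
  return new Proxy(host, {
    get(obj, prop) {
      const rule = ruleFor(prop);
      if (rule === "deny") { log.push(`deny get ${String(prop)}`); return undefined; }
      if (typeof rule === "function") return rule(obj, guid);
      return typeof obj[prop] === "function" ? obj[prop].bind(obj) : obj[prop];
    },
    set(obj, prop, value) {
      if (ruleFor(prop) === "allow") obj[prop] = value;
      else log.push(`deny set ${String(prop)}`);
      return true; // denied writes are dropped, not thrown
    },
  });
}
// Constructed stand-in for a page document, so the example runs outside a browser.
function makeHostDocument() {
  const nodes = { GadgetGUID_box: { text: "" }, box: { text: "host-owned" } };
  return { title: "Host page", cookie: "session=constructed", getElementById: (id) => nodes[id] || null };
}

// Untrusted code: it is handed the virtualized document and nothing else.
function guest(document) {
  document.title = "Gadget was here";
  const box = document.getElementById("box"); // resolves GadgetGUID_box, not the host's "box"
  if (box) box.text = "hello";
  return { cookie: document.cookie, boxText: box && box.text };
}

// Run the guest under the default policy cascaded with a host-supplied override table.
function runGuest(hostPolicy) {
  const host = makeHostDocument(), log = [];
  const result = guest(virtualize(host, cascade(defaultGadgetPolicy, hostPolicy), "GadgetGUID", log));
  return { result, log, title: host.title, hostBox: host.getElementById("box").text };
}
```

Here the guest is a plain function and the nodes it gets back are raw objects. Keeping guest source away from real globals is the job of the transformation step on slide 11, which this example does not implement.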